SMS Security in Mobile Devices: A Survey

The SMS based Mobile communications require high security in the network. Information as well as SMS security is important and challenging part for mobile communication. Some ethical hackers or attackers access the illegally sensitive data or messages. For solve this important issue and problems. Many users' uses the various algorithm and techniques for provide security to data and SMS in communication networks. Some users use encryption as well as decryption algorithms. Many people's implement own algorithm for SMS or data security in the communication network. The algorithms like AES, DES, Triple DES used by many authors for encrypt or decrypt SMS for communication. In the Wireless communication network for reducing processing time i.e. encryption or decryption time, developers uses various available algorithms. New algorithms implemented using AODV Protocols in wireless communication networks. In this paper we have propose the survey of SMS encryption as well as decryption techniques, algorithms, models use in communication network and security. The concept of Server key secure and Sender key secure messaging for SMS security.

2017

Nowadays, short message service (SMS) is being used in many daily life applications, including healthcare monitoring, mobile banking, mobile commerce, and so on. But when we send an SMS from one mobile phone to another, the information contained in the SMS transmit as plain text. Sometimes this information may be confidential like account numbers, passwords, license numbers, and so on. In this paper, presented an efficient and secure technique called secure SMS. The working of the protocol is presented by considering the asymmetric key cryptography . The analysis of the proposed technique shows that this protocol is able to prevent various attacks, including SMS disclosure, over the air modification, replay attack, man-in-the middle attack, and impersonation attack

2012

Nowadays, security of SMS is a crucial aspect because it plays an important role in value added services and mobile commerce. Asymmetric algorithm like Diffie-Hellman can be used to encrypt the SMS message in M-commerce or mobile banking system. We use authentication functions to maintain the integrity of data. Password key exchange protocol based on Diffie-Hellman algorithm generates a secret shared key which can be used in message encryption and in MAC function. MAC (message authentication code) or hash functions are used maintain the integrity of message and can be used with the encryption. These functions also act as an error detecting code or checksum. This paper discusses the comparative analysis of both the authentication functions separately for password key exchange protocol by analyzing some of the security issues. The discussion of this paper concludes that MAC functions are more secure than hash function, but having greater complexity and take more to execute. So, it's better to use hash function for maintaining the integrity of message over a network where the transmitted amount of message is very small (SMS). Here, digital signature is generated with RSA to show the functionality of MD5 and SHA1, which prevents SMS from message modification and non-repudiation attack.

IJCSMC, 2019

Communication has been a major factor in human’s everyday life. The advancement of information technology changed the method of online transactions. No one uses SMSs that frequently to pass messages from one to another because of the arrival of the free data services and cheap data packs from the ISPs. But SMS still plays a very vital role in our day to day lives and its theft is increasing concerns to secure it. No airline or bank or subscription services send their transaction details through any web appl ication but through SMS. SMS plays an important role in online transactions .With the increasing use of SMS for communication and information exchange, care should be taken when sensitive information is transmitted using SMS. Users should be aware that SMS messages might be subject to interception. Solutions such as encrypted SMS should be considered if there is a need to send sensitive information via SMS. The messages are encrypted by strong cryptographic algorithms. The encrypted message received by the customer decrypt the message by authentication. This is only known to user. It uses RSA algorithm for secure keys and AES algorithm to secure message. Authentication is implemented by using pattern lock. This system provide secure and reliable communication environment.

IJCSET, 2011

Global System for Mobile (GSM) is a second generation cellular standard developed to cater voice services and data delivery using digital modulation. Short Message Service (SMS) is the text communication service component of mobile communication systems, using standardized communications protocols that allow the exchange of short text messages between mobile phone devices. SMS will play a very vital role in the future business areas whose are popularly known as m-Commerce, mobile banking etc. For this future commerce, SMS could make a mobile device in a business tool as it has the availability and the effectiveness. The existing SMS is not free from the eavesdropping, but security is the main concern for any business company such as banks who will provide these mobile banking. Presently there is no such scheme which can give the complete SMS security. Now, a new security scheme for improving the SMS security is proposed here. At first plaintext of SMS would be made as cipher text with the help of existing GSM encryption technology, then this cipher text would be digitally signed with the help of public key signature. These will be made compatible to existing infrastructure of GSM security. The proposed scheme will give total authenticity, data integrity, confidentiality, authorization and non-repudiation which are the most essential issues in m-commerce or mobile banking and in secure messaging.

IJCA, Published by Foundation of Computer Science, New York, USA, 2012

Asymmetric algorithm like Diffie-Hellman can be used to encrypt the SMS message in M-commerce or mobile banking system. Password key exchange protocol based on Diffie-Hellman key exchange algorithm allows users to exchange a secret key that can be used in message encryption. The security of this protocol can be increased by using the MAC (message authentication code) or hash function with the encryption. These functions act as an error detecting code or checksum. This paper throws a light on the comparative analysis of both the authentication functions separately in password key exchange protocol. By analyzing some of the security issues viz. (i) brute force attach and (ii) cryptanalysis, it can be very well shown that the MAC function is more secure than hash.

2016

Asymmetric algorithm like Diffie-Hellman can be used to encrypt the SMS message in M-commerce or mobile banking system. Password key exchange protocol based on Diffie-Hellman key exchange algorithm allows users to exchange a secret key that can be used in message encryption. The security of this protocol can be increased by using the MAC (message authentication code) or hash function with the encryption. These functions act as an error detecting code or checksum. This paper throws a light on the comparative analysis of both the authentication functions separately in password key exchange protocol. By analyzing some of the security issues viz. (i) brute force attach and (ii) cryptanalysis, it can be very well shown that the MAC function is more secure than hash.

2015

This thesis analyzes the security of Short Message Service (SMS) which is a permanent service on mobile networks. Mobile networks have evolved from GSM Technology for more than 20 years. Security is a headline issue these days and use of SMS service has become an extension of our lives and plays a paramount role in daily chores since its inception with most immediate and efficient form of communication. Due to the available functionality of the mobile networks, SMS are exposed to different kinds of attacks. SMS is one of the fundamental features of the mobile phone and is considered to be a fascinating area for attackers. For the increasing demand for secure SMS, it is important to perform vulnerability analysis of SMS implementation and finding out additional security vulnerabilities within the network, and smart-phones. With the existence of the mobile phone over the years, SMS has been widely embraced as a standard for quick and easy communication. SMS has proceeded from normal message service to two-factor authentication (2FA) scheme for account login and registering. Ever since the growing mindshare and outsized new security valuations to the users for their accounts, SMS service provides best possible forms such as one-time password (OTP) and mobile-Transaction Authentication Number (mTAN) for 2FA. The most important and challenging part of mobile communication is SMS security as attackers illegally access the sensitive data through messages and sometimes compromising the device. If these themes are not addressed adequately, through security controls and measures, the underlying threats could compromise the confidentiality, integrity and availability of SMS service. A detailed study of the mobile networks, SMS protocol structure, and various attack methods were investigated to understand the different properties of authentication and encryption methods that can be applied to counteract the exploits for the applicability of SMS messages in near future. Security Analysis of SMS and Related Technologies iii Acknowledgement I am grateful to numerous local and global peers who have contributed towards shaping this thesis. At the outset, I would like to express my sincere thanks to Berry Schoenmakers for his advice during my thesis work. As my supervisor, he has constantly encouraged me to remain focused on achieving my goal. His observations and comments helped me to establish the overall direction of the research and to move forward with some detailed investigations. He has helped me greatly and been a source of knowledge to me. I wish to extend my gratitude to Benne de Weger and Jerry den Hartog for accepting to be in the evaluation committee of my final examination of thesis. My sincere thanks to everyone who has provided me with kind words, a welcome ear, new ideas, useful criticism, or their invaluable time, I am truly indebted. My gratitude also goes out to my younger brother Sanket Chaudhari , my family and friends in Eindhoven and India who helped me all the way during my Master's and during the thesis with any technical problems on the way. I must acknowledge the academic resources that I have got from Technical Univeristy of Eindhoven. Last, but not the least, I would like to dedicate this thesis to my family, for their love, patience, and understanding. Security Analysis of SMS and Related Technologies v Contents Contents vii List of Figures ix List of Tables xi

— Short message service (SMS) is most important communication medium in many daily life applications, including healthcare monitoring, mobile banking, mobile commerce, and so on. When a SMS send an from one mobile phone (MS) to another MS (Mobile subscriber), the information contained in the SMS transmit as plain text. Sometimes this information may be confidential like account numbers ,passwords, license number ,PAN number and so on, and it is a major drawback to send such information through SMS while the traditional SMS service does not provide encryption to the information before its transmission, However telecom service providers are ensuring at server end some security provided as Using A3,A8 and Kc algorithms through Triplet Authentication system, but not providing during the message transformation .In this paper, we propose an efficient and secure protocol called User End secure SMS along with integrity key check and massage through Encrypted form as secure manner from source to destination across GSM or UMTS networks , which provides end-to-end secure communication through SMS between end users. The working of the protocol is presented by considering two different scenarios. The analysis of the proposed protocol shows that this protocol is able to prevent various attacks, including SMS disclosure, over the air modification, replay attack, man-in-the middle attack, and impersonation Attack. .The protocol completely based on the symmetric key cryptography and retains original architecture of cellular network. The simulation generated in C#.net for execution system. SMS protocol is successfully designed in order to provide end-to-end secure communication through SMS between mobile users. The analysis of the proposed protocol shows that the protocol is able to prevent various attacks. The transmission of symmetric key to the mobile users is efficiently managed by the protocol. We consider all the transmission among various Authentication Server AS (Either same location or different location) take place by encrypting the message with a symmetric key shared between each pair of AS. This protocol produces lesser communication and computation overheads, utilizes bandwidth efficiently, and reduces message exchanged ratio during authentication than AES overheads, utilizes bandwidth efficiently, and reduces message exchanged ratio during authentication than AES

2009

The exponential growth of the Short Message Service �SMS) use has transformed this service in a widespread tool for social and commerce messaging. However, security concerns have been raised as applications become more critical and complex. Thus, this paper introduces an SMS security framework, which allows programmers and users to exchange confidential, non-repudiable and digitally signed text messages. This framework can fit in many development scenarios, such as commercial transactions or bureaucratic delegations. In addition, the proposed framework is highly flexible and efficient, since programmers can choose among several encryption algorithms according to the computational power and battery usage of each mobile device. Finally, this paper also analyzes the existing tradeoffs between security and performance in SMS applications running on mobile devices such as smart-phones and PDAs.

2014

Billions of text messages are sent daily through GSM networks sent in plain text format which makes them susceptible to various attacks. With the increasing number of software crackers available for free in the internet, studies have shown SMS continues to suffer from several security vulnerabilities and loopholes. The aim of this project was to develop a secure messaging platform for Java enabled phones to securely send encrypted short messages via the GSM network.. The application was developed in MDIP 2.0 and CDLC 1.1configurations and applied symmetric encryption concepts. The experimental results revealed that the mobile application was able to encrypt, decrypt, send and receive text messages without adding changing the size of the packets .

2010

Nowadays, Short Message Service (SMS) still represents the most used mobile messaging service. SMS messages are used in many different application fields, even in cases where security features, such as authentication and confidentiality between the communicators, must be ensured. Unfortunately, the SMS technology does not provide a built-in support for any security feature.

2012

The Short Message Service (SMS) is one of very popular kind of superior and well-tried services with a global availability in GSM networks. This paper deals with an SMS security for mobile communication. The transmission of an SMS in GSM network is not secure; therefore it is desirable to secure SMS by additional encryption. A proposed approach, based on encryption and digital signature efficiently embeds the confidentiality, integrity, authentication, and non-repudiation in the SMS messages. In the next part, there is the description of design and implementation of the application, which encrypts SMS by DES, Triple DES, AES and Blowfish algorithms and finally signs SMS by DSA or RSA algorithm respectively. At the end, we described attacks on secured SMS and future extension of the application.

In the past few years a new generation of mobile messaging systems have been developed in conjunction with the explosive growth in the use of smart phones. As this technology enabling for accessing Internet based services, the new-generation the messaging applications was directed to play the role of traditional text messaging(SMS). Such applications require only the user’s phone number for registration. Unfortunately, these appl1icationsdo not provide a built-in support for any security feature. Sometime, the basic security features (e.g., authentication and confidentiality between the communicators) must be ensured in messaging service. In addition to that, most of the modern communications via internet takes place "through the air"; therefore the risk of interception becomes greater than in case of wired networks. If the message is not encrypted, or encrypted using a weak algorithm, the attacker can get it and may make hard harm. This paper presents a security solution to ensure confidentiality and authentication of exchanged messages, the users of proposed system can communicate exclusively via web server and by using a dedicated android application. The exchanged messages are encrypted using stream cipher RC4 with a personalP2P dynamic encryption key.

2018

Nowadays, short message service (SMS) is being used in many daily life applications, including healthcare monitoring, mobile banking, mobile commerce etc. Short message service (SMS) is the text communication service component of mobile communication system by using standardized communication that allow to exchange of short text messages between mobile phone devices. Short message service (SMS) plays a vital role in various different fields such as in the medical field, mobile banking etc But the traditional SMS service offered by some of the network operator does not provide the encryption to the information before the SMS has been transmitted.The objective of this dissertation work is to implement an EasySMS protocol which is an efficient and secure protocol, which provides an end-to-end secure communication through SMS between end users.The main components in the Easy SMS protocol are two mobile station,authentication server (AS) which stores all the symmetric keys shared between...